Cisco SASE Umbrella Roaming
SASE recently became the most popular topic in the network. We have to invest in protecting our network. Because end-users have to be checked by the security policy. Attackers generally hack the end-user computers. If attackers try to access the corporate networks with an end-user PC that is hacked, it will be a disaster for the company.
With the pandemic, the number of people working from home has increased. The companies don't want office workers in their offices. They learned that this business is profitable :). It is essential to check the end-users access from home. Cloud solutions assist us with this issue.
SASE(Secure edge secure access) is a terminology. SASE aims to connect users and devices, regardless of location, to any application across any cloud. A secure automated WAN is used to optimize performance by ensuring the fastest, most reliable, and most secure path to the cloud.
I tested the CISCO umbrella solution to access the Internet. Also, I analyzed the access log. The component of the Umbrella is the following;
DNS resolution is the first step when a user attempts to access a website or other service on the Internet. DNS Security logs and categorizes DNS activity by type of security threat or web content and the action taken, whether it was blocked or allowed. It is critical that the DNS filter is underpinned by excellent threat intelligence sources
Umbrella Roaming protects employees when they are off the VPN by blocking malicious domain requests and IP responses as DNS queries are resolved. By enforcing security at the DNS layer, connections are never established and files are never downloaded. Malware will not infect laptops and command & control (C2) callbacks or phishing will not exfiltrate data over any port. Plus, you gain real-time visibility of infected laptops with C2 activity.
If you have a CISCO account, you can try the roaming feature of Umbrella from this link. You will download the proper client for your operating system. Then you will install the client on your computer with the information in a zip file. That'll :) After installation, the roaming client connects to the umbrella and will appear protected.
Umbrella login link;
Everyone can use the Umbrella for 14-day free trial. When you log in to the Umbrella, the following page appears.
When I check from the umbrella, I will see my computer is connected to the umbrella.
You can configure some features on the umbrella. You can open malware, phishing attack, croptominig features, etc.
If you want, you can create your policy for your corporate network.
Also, there are many reports on the umbrella service. You can see the report type in the following picture
Many vendors provide SASE service on their cloud solutions. I only examined one of the many components. Everything is changing. Centralizing the security systems reduces costs and provides central control. In my opinion, we should follow up on the innovation.
Note: Also, you can integrate the network devices into the Umbrella service. This link shows how to integrate the network devices into the umbrella services.
Thanks for Reading.
Reference: Link
hallo